CVE-2024-1181
Coming Soon, Under Construction & Maintenance Mode By Dazzler <= 2.1.2 - Maintenance Mode Bypass
CVSS Score
5.3
EPSS Score
0.0%
EPSS Percentile
0th
The Coming Soon, Under Construction & Maintenance Mode By Dazzler plugin for WordPress is vulnerable to maintenance mode bypass in all versions up to, and including, 2.1.2. This is due to the plugin relying on the REQUEST_URI to determine if the page being accesses is an admin area. This makes it possible for unauthenticated attackers to bypass maintenance mode and access the site which may be considered confidential when in maintenance mode.
| CWE | CWE-862 |
| Vendor | dazzlersoft |
| Product | coming soon, under construction & maintenance mode by dazzler |
| Published | Mar 20, 2024 |
| Last Updated | Apr 8, 2026 |
Stay Ahead of the Next One
Get instant alerts for dazzlersoft coming soon, under construction & maintenance mode by dazzler
Be the first to know when new medium vulnerabilities affecting dazzlersoft coming soon, under construction & maintenance mode by dazzler are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Affected Versions
dazzlersoft / Coming Soon, Under Construction & Maintenance Mode By Dazzler
0 โค 2.1.2
References
wordfence.com: https://www.wordfence.com/threat-intel/vulnerabilities/id/6dc144cd-7119-477f-9fa1-b00cab215077?source=cve plugins.trac.wordpress.org: https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3054042%40coming-soon-wp&new=3054042%40coming-soon-wp&sfp_email=&sfph_mail= plugins.trac.wordpress.org: https://plugins.trac.wordpress.org/browser/coming-soon-wp/trunk/coming-soon-wp.php#L45
Credits
Lucio Sรก